OmniSciDB  1dac507f6e
 All Classes Namespaces Files Functions Variables Typedefs Enumerations Enumerator Friends Macros Pages
TablePermissionsTest.java
Go to the documentation of this file.
1 /*
2  * Copyright 2015 The Apache Software Foundation.
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  * http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 package com.mapd.tests;
17 
18 import static com.mapd.tests.MapdAsserts.shouldThrowException;
19 
20 import org.slf4j.Logger;
21 import org.slf4j.LoggerFactory;
22 
23 public class TablePermissionsTest {
24  final static Logger logger = LoggerFactory.getLogger(TablePermissionsTest.class);
25 
26  public static void main(String[] args) throws Exception {
28  test.testTablePermissions();
29  }
30 
31  public void testTablePermissions() throws Exception {
32  logger.info("testTablePermissions()");
33 
34  MapdTestClient su = MapdTestClient.getClient(
35  "localhost", 6274, "mapd", "mapd", "HyperInteractive");
36 
37  su.runSql("CREATE USER dba (password = 'password', is_super = 'true');");
38  su.runSql("CREATE USER bob (password = 'password', is_super = 'false');");
39  su.runSql("CREATE USER bill (password = 'password', is_super = 'false');");
40 
41  su.runSql("CREATE ROLE salesDept;");
42  su.runSql("CREATE USER foo (password = 'password', is_super = 'false');");
43  su.runSql("GRANT salesDept TO foo;");
44 
45  su.runSql("CREATE DATABASE db1;");
46  su.runSql("CREATE DATABASE db2;");
47 
48  su.runSql("GRANT ACCESS on database db1 TO bob;");
49  su.runSql("GRANT ACCESS on database db1 TO bill;");
50  su.runSql("GRANT ACCESS on database db1 TO foo;");
51  su.runSql("GRANT ACCESS on database db1 TO dba;");
52 
53  MapdTestClient dba =
54  MapdTestClient.getClient("localhost", 6274, "db1", "dba", "password");
55  MapdTestClient bill =
56  MapdTestClient.getClient("localhost", 6274, "db1", "bill", "password");
57  MapdTestClient bob =
58  MapdTestClient.getClient("localhost", 6274, "db1", "bob", "password");
59  MapdTestClient foo =
60  MapdTestClient.getClient("localhost", 6274, "db1", "foo", "password");
61 
62  shouldThrowException("bill should not be able to create tables",
63  () -> bill.runSql("CREATE TABLE bill_table(id integer);"));
64  shouldThrowException("bob should not be able to create tables",
65  () -> bob.runSql("CREATE TABLE bob_table(id integer);"));
66  shouldThrowException("foo should not be able to create tables",
67  () -> foo.runSql("CREATE TABLE foo_table(id integer);"));
68  ;
69 
70  dba.runSql("GRANT CREATE ON DATABASE db1 TO bill");
71  dba.runSql("GRANT DROP ON DATABASE db1 TO bill");
72 
73  bill.runSql("CREATE TABLE bill_table(id integer);");
74 
75  shouldThrowException(
76  "not allowed to select", () -> bob.runSql("SELECT * from bill_table"));
77  shouldThrowException(
78  "not allowed to select", () -> foo.runSql("SELECT * from bill_table"));
79 
80  bill.runSql("GRANT SELECT ON TABLE bill_table TO bob");
81 
82  bob.runSql("SELECT * from bill_table");
83  shouldThrowException(
84  "foo not allowed to select", () -> foo.runSql("SELECT * from bill_table"));
85 
86  bill.runSql("GRANT SELECT ON TABLE bill_table TO salesDept"); // foo
87  bob.runSql("SELECT * from bill_table");
88  foo.runSql("SELECT * from bill_table");
89 
90  shouldThrowException(
91  "insert not allowed", () -> bob.runSql("INSERT INTO bill_table VALUES(1)"));
92  shouldThrowException(
93  "insert not allowed ", () -> foo.runSql("INSERT INTO bill_table VALUES(1)"));
94 
95  bill.runSql("GRANT INSERT ON TABLE bill_table TO bob");
96  bob.runSql("INSERT INTO bill_table VALUES(1)");
97  shouldThrowException(
98  "insert not allowed ", () -> foo.runSql("INSERT INTO bill_table VALUES(1)"));
99 
100  bill.runSql("GRANT INSERT ON TABLE bill_table TO salesDept");
101  bob.runSql("INSERT INTO bill_table VALUES(1)");
102  foo.runSql("INSERT INTO bill_table VALUES(1)");
103 
104  shouldThrowException("update not allowed",
105  () -> bob.runSql("UPDATE bill_table SET id = 2 WHERE id = 0"));
106  shouldThrowException("update not allowed ",
107  () -> foo.runSql("UPDATE bill_table SET id = 2 WHERE id = 0"));
108 
109  bill.runSql("GRANT UPDATE ON TABLE bill_table TO bob");
110  bob.runSql("UPDATE bill_table SET id = 2 WHERE id = 0");
111  shouldThrowException("update not allowed ",
112  () -> foo.runSql("UPDATE bill_table SET id = 2 WHERE id = 0"));
113 
114  bill.runSql("GRANT UPDATE ON TABLE bill_table TO salesDept");
115  bob.runSql("UPDATE bill_table SET id = 2 WHERE id = 0");
116  foo.runSql("UPDATE bill_table SET id = 2 WHERE id = 0");
117 
118  shouldThrowException("update not allowed",
119  () -> bob.runSql("DELETE FROM bill_table WHERE id = 0"));
120  shouldThrowException("update not allowed ",
121  () -> foo.runSql("DELETE FROM bill_table WHERE id = 0"));
122 
123  bill.runSql("GRANT DELETE ON TABLE bill_table TO bob");
124  bob.runSql("DELETE FROM bill_table WHERE id = 0");
125  shouldThrowException("update not allowed ",
126  () -> foo.runSql("DELETE FROM bill_table WHERE id = 0"));
127 
128  bill.runSql("GRANT DELETE ON TABLE bill_table TO salesDept");
129  bob.runSql("DELETE FROM bill_table WHERE id = 0");
130  foo.runSql("DELETE FROM bill_table WHERE id = 0");
131 
132  su.runSql("DROP DATABASE db1;");
133  su.runSql("DROP DATABASE db2;");
134  su.runSql("DROP USER foo;");
135  su.runSql("DROP ROLE salesDept;");
136  su.runSql("DROP USER bob;");
137  su.runSql("DROP USER bill;");
138  su.runSql("DROP USER dba;");
139  }
140 }